Microsoft, FBI Say They've Disrupted $500 Million Botnet

Working jointly with the FBI, Microsoft says it has disrupted a botnet responsible for stealing more than $500 million from bank accounts worldwide.

In a blog post published late last night, Microsoft said this was its "most aggressive botnet operation to date" and the "first time that law enforcement and the private sector have worked together" to "execute a civil seizure warrant as part of a botnet disruption operation."

In English, what happened here is that about 5 million computers worldwide were infected with a program that recorded the passwords to online bank accounts. The so-called Citadel botnet — one of the largest known in the world — then sent the credentials to a network controlled by criminals. Using the passwords, they were able to take funds from the accounts.

According to Reuters, which broke the story, thieves were able to steal from dozens of banks, including "American Express, Bank of America, Citigroup, Credit Suisse, eBay's PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada and Wells Fargo."

What Microsoft and the FBI did was seize some servers central to the botnet, thereby disrupting communication with about 1,400 of those nodes.